aboutsummaryrefslogtreecommitdiffstats
path: root/security/keys/keyctl.c
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2012-12-16 18:40:50 -0500
committerLinus Torvalds <torvalds@linux-foundation.org>2012-12-16 18:40:50 -0500
commit2a74dbb9a86e8102dcd07d284135b4530a84826e (patch)
treea54403e312b6062dfb57bd904ba8b8ce3b11e720 /security/keys/keyctl.c
parent770b6cb4d21fb3e3df2a7a51e186a3c14db1ec30 (diff)
parente93072374112db9dc86635934ee761249be28370 (diff)
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem updates from James Morris: "A quiet cycle for the security subsystem with just a few maintenance updates." * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: Smack: create a sysfs mount point for smackfs Smack: use select not depends in Kconfig Yama: remove locking from delete path Yama: add RCU to drop read locking drivers/char/tpm: remove tasklet and cleanup KEYS: Use keyring_alloc() to create special keyrings KEYS: Reduce initial permissions on keys KEYS: Make the session and process keyrings per-thread seccomp: Make syscall skipping and nr changes more consistent key: Fix resource leak keys: Fix unreachable code KEYS: Add payload preparsing opportunity prior to key instantiate or update
Diffstat (limited to 'security/keys/keyctl.c')
-rw-r--r--security/keys/keyctl.c15
1 files changed, 8 insertions, 7 deletions
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c
index 5d34b4e827d..4b5c948eb41 100644
--- a/security/keys/keyctl.c
+++ b/security/keys/keyctl.c
@@ -1132,12 +1132,12 @@ long keyctl_instantiate_key_iov(key_serial_t id,
1132 ret = rw_copy_check_uvector(WRITE, _payload_iov, ioc, 1132 ret = rw_copy_check_uvector(WRITE, _payload_iov, ioc,
1133 ARRAY_SIZE(iovstack), iovstack, &iov); 1133 ARRAY_SIZE(iovstack), iovstack, &iov);
1134 if (ret < 0) 1134 if (ret < 0)
1135 return ret; 1135 goto err;
1136 if (ret == 0) 1136 if (ret == 0)
1137 goto no_payload_free; 1137 goto no_payload_free;
1138 1138
1139 ret = keyctl_instantiate_key_common(id, iov, ioc, ret, ringid); 1139 ret = keyctl_instantiate_key_common(id, iov, ioc, ret, ringid);
1140 1140err:
1141 if (iov != iovstack) 1141 if (iov != iovstack)
1142 kfree(iov); 1142 kfree(iov);
1143 return ret; 1143 return ret;
@@ -1495,7 +1495,8 @@ long keyctl_session_to_parent(void)
1495 goto error_keyring; 1495 goto error_keyring;
1496 newwork = &cred->rcu; 1496 newwork = &cred->rcu;
1497 1497
1498 cred->tgcred->session_keyring = key_ref_to_ptr(keyring_r); 1498 cred->session_keyring = key_ref_to_ptr(keyring_r);
1499 keyring_r = NULL;
1499 init_task_work(newwork, key_change_session_keyring); 1500 init_task_work(newwork, key_change_session_keyring);
1500 1501
1501 me = current; 1502 me = current;
@@ -1519,7 +1520,7 @@ long keyctl_session_to_parent(void)
1519 mycred = current_cred(); 1520 mycred = current_cred();
1520 pcred = __task_cred(parent); 1521 pcred = __task_cred(parent);
1521 if (mycred == pcred || 1522 if (mycred == pcred ||
1522 mycred->tgcred->session_keyring == pcred->tgcred->session_keyring) { 1523 mycred->session_keyring == pcred->session_keyring) {
1523 ret = 0; 1524 ret = 0;
1524 goto unlock; 1525 goto unlock;
1525 } 1526 }
@@ -1535,9 +1536,9 @@ long keyctl_session_to_parent(void)
1535 goto unlock; 1536 goto unlock;
1536 1537
1537 /* the keyrings must have the same UID */ 1538 /* the keyrings must have the same UID */
1538 if ((pcred->tgcred->session_keyring && 1539 if ((pcred->session_keyring &&
1539 !uid_eq(pcred->tgcred->session_keyring->uid, mycred->euid)) || 1540 !uid_eq(pcred->session_keyring->uid, mycred->euid)) ||
1540 !uid_eq(mycred->tgcred->session_keyring->uid, mycred->euid)) 1541 !uid_eq(mycred->session_keyring->uid, mycred->euid))
1541 goto unlock; 1542 goto unlock;
1542 1543
1543 /* cancel an already pending keyring replacement */ 1544 /* cancel an already pending keyring replacement */
generated by cgit v1.2.2 (git 2.25.0) at 2025-09-03 22:34:39 -0400